fredag 2 oktober 2015

Flera nya sårbarheter upptäckta i Adobe Flash

Under torsdagen den 2:e oktober erkändes flera nya sårbarheter i Adobe Flash. Zscaler har proaktivt utvecklat skydd för attacker mot nya sårbarheter i Adobe Flash. Det avancerade skyddslagret används för att blockera zero-day-hot som utnyttjar nyupptäckta sårbarheter och inkluderas i Zscaler Advanced Behavioral Analysis.




WeClouds webbsäkerhetslösning från Zscaler analyserar allt innehåll i den data som hämtas från webben och bedömer det genom flera olika analyser, jämförelser och beteendeanalyser. Skanningen av http/https sker i realtid och skyddar användare och system oavsett var de kopplat upp sig genom att styra trafiken via någon av skannings-noderna i det globala säkerhetsnätverket.

APSB15-23Security updates available for Adobe Flash Player
Severity: Critical

Affected Software
  • Adobe Flash Player Desktop Runtime 18.0.0.232 and earlier
  • Adobe Flash Player Extended Support Release 18.0.0.232 and earlier
  • Adobe Flash Player for Google Chrome 18.0.0.223 and earlier
  • Adobe Flash Player for Microsoft Edge and Internet Explorer 11 18.0.0.232 and earlier
  • Adobe Flash Player for Internet Explorer 10 and 11 18.0.0.232 and earlier
  • Adobe Flash Player for Linux 11.2.202.508 and earlier
  • AIR Desktop Runtime 18.0.0.199 and earlier
  • AIR SDK 18.0.0.199 and earlier
  • AIR SDK & Compiler 18.0.0.180 and earlier
  • AIR for Android 18.0.0.143 and earlier
CVE-2015-5567 – Flash Player Stack Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-5570 – Flash Player Use After Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-5572 – Flash Player Security Bypass Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-5573 – Flash Player Type Confusion Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-5574 – Flash Player Use After Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-5582 – Flash Player Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-5584 – Flash Player Use After Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-5587 – Flash Player Stack Overflow Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-5588 – Flash Player Memory Corruption Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-6676 – Flash Player Buffer Overflow Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-6678 – Flash Player Buffer Overflow Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-6679 – Flash Player Same-Origin-Policy Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis
CVE-2015-6682 – Flash Player Use After Free Vulnerability
         Security Subscription Required: Advanced Behavioral Analysis

Description: Critical vulnerabilities have been identified in Adobe Flash Player. Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.

www.wecloud.se
info@wecloud.se